GNU bug report logs - #9113
24.0.50; auth-sources: .authinfo versus .authinfo.gpg

Previous Next

Full log

Message #92 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Ted Zlatanov <tzz <at> lifelogs.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Re: bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg
Date: Mon, 13 Feb 2012 12:38:54 -0500

On Tue, 31 Jan 2012 12:37:17 +0100 Michael Albinus <michael.albinus <at> gmx.de> wrote: 

MA> Ted Zlatanov <tzz <at> lifelogs.com> writes:
>> As a default, it seems that storing the credential data in a temporary
>> in-memory auth-source backend *by default* is the best solution.  

MA> You use already password-cache.el in auth-source.el. It could be made
MA> public by allowing a :cache entry in `auth-sources'.

OK.

>> Then on exit or on `auth-source-save', if there is something in the
>> in-memory backend, we can ask the user if he wants to save the passwords
>> and where, with all the consequent UI choices.  The user can pick a
>> plain file, or a plain file with password tokens, or a GPG-encrypted
>> file (with or without external support), or the platform's keychain
>> service, if available.  At that time the UI can modify `auth-sources'
>> for the user.

MA> Too complicate. If a user decides for cached passwords, she shouldn't be
MA> asked for saving. It is convenient enough to enter a password only once
MA> during a session.

I'm not convinced but it does make sense, and would make the experience
simpler for the user.  I've asked on the Gnus mailing list for opinions
and anyone interested can post them here too.

Ted

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.